A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
The many faces of publish/subscribe
ACM Computing Surveys (CSUR)
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Automated Trust Negotiation
Role-based access control for publish/subscribe middleware architectures
Proceedings of the 2nd international workshop on Distributed event-based systems
Purpose based access control of complex data for privacy protection
Proceedings of the tenth ACM symposium on Access control models and technologies
Self-organizing publish/subscribe
DSM '05 Proceedings of the 2nd international doctoral symposium on Middleware
Maintaining privacy on derived objects
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Regulating Exceptions in Healthcare Using Policy Spaces
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Hi-index | 0.00 |
When an access decision function denies a data access request by a mission participant in a mission-critical situation, the mission often suffers. In this paper, we propose a sharing control mechanism that computes and executes requests that are mission-related to denied requests. We extend the Flexible Authorization Framework (FAF)with predicates and hierarchies that permit us to specify authorization rules over denied requests and mission-specific relationships. We illustrate our techniques using a prototypical information sharing scenario, namely an emergency first-responder scenario.